The current Nginx configuration is too verbose and to much separated files. It is better to re-organize and optimize the current configuration.

Any suggestion is welcomed...

What's the right method to import environment variables from .env file without breaking ShellCheck warning as mentioned in SC1090 ?

any solution is welcome

Command

$ sudo lemper-cli create -u lemper -d eslabs.id -f wordpress-ms -w /home/lemper/webapps/eslabs.id --wildcard-domain

Responses

Adding domain eslabs.id to virtual host...
Creating web root directory: /home/lemper/webapps/eslabs.id...
Selecting Wordpress-ms framewrok...
Setting up WordPress Multi-site virtual host...
Creating default WordPress index file...
mkdir: cannot create directory ‘/home/lemper/webapps/eslabs.id/wp-content/uploads’: No such file or directory
Error: Failure running 'mkdir /home/lemper/webapps/eslabs.id/wp-content/uploads', exiting.

Add authentication for securing PHP-FPM & Nginx Mod_PageSpeed statistics

Creating NGiNX configuration...
cp: cannot stat 'etc/nginx/ssl': No such file or directory
Error: Failure running 'cp -fr etc/nginx/includes etc/nginx/vhost etc/nginx/ssl /etc/nginx/', exiting.

Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin. A web application executes a cross-origin HTTP request when it requests a resource that has a different origin (domain, protocol, or port) from its own.

Ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

lcp/filemanager/index.php is directly accessible without .htpasswd check

lcp/filemanager/ is protected
lcp/filemanager/index.php is not protected

If swap doesn't exists, Lemper attempt to create swap. Swap size could be optimized as below:

if RAM_SIZE < 2GB then set SWAP_SIZE to 2x of RAM_SIZE
else if RAM_SIZE > 2GB && RAM_SIZE < 8GB then set SWAP_SIZE equal to RAM_SIZE
else set SWAP_SIZE to 8GB

Introduction

Vanilla was born out of the desire to create flexible, customizable, and downright entertaining community solutions. Vanilla has been used to power tens of thousands of community forums around the world and we couldn't be happier if you've decided to use Vanilla to grow yours.

Official download site

https://mybb.com/download/

Current latest version

https://open.vanillaforums.com/get/vanilla-core-3.3
https://github.com/vanilla/vanilla/releases

Installation

https://docs.vanillaforums.com/developer/installation/self-hosting/

Sample Nginx directive

 # Block some folders as an extra hardening measure.
    location ~* /\.git { deny all; return 403; }
    location /build/ { deny all; return 403; }
    location /cache/ { deny all; return 403; }
    location /cgi-bin/ { deny all; return 403; }
    location /uploads/import/ { deny all; return 403; }
    location /conf/ { deny all; return 403; }
    location /tests/ { deny all; return 403; }
    location /vendor/ { deny all; return 403; }

    # This handles all the main requests thru index.php.
    location ~* ^/index\.php(/|$) {
        # send to fastcgi
        include fastcgi.conf;
        fastcgi_param SCRIPT_NAME /index.php;
        fastcgi_param SCRIPT_FILENAME $realpath_root/index.php;
        fastcgi_param X_REWRITE 1;
        fastcgi_pass php-fpm; # where 'php-fpm' is the upstream, probably defined in nginx.conf 
    }

    # If this is some other PHP script, disallow it by redirecting to /index.php
    location ~* \.php(/|$) {
        rewrite ^ /index.php$uri last;
    }

    # Default path handling
    location / {
        try_files $uri @vanilla;
    }
    
    location @vanilla {
        rewrite ^ /index.php$uri last;
    }

Nginx Redis2 module
https://github.com/openresty/redis2-nginx-module#readme

file "/etc/memcached_memcache.conf" does not exist but "/etc/memcached.conf~" exists

$ sudo lemper-cli create -u lemper -d eslabs.id -f wordpress-ms -d /home/lemper/webapps/eslabs.id --wildcard-domain --clone-skeleton
Adding domain /home/lemper/webapps/eslabs.id to virtual host...
Creating web root directory: ...
mkdir: cannot create directory ‘’: No such file or directory
Error: Failure running 'mkdir -p ', exiting.

It is better to add conditional statement to check whether webroot directy is empty, if empty then exit.

an error occurred with the installation process

Introduction

Fail2ban is a log-parsing application that monitors system logs for symptoms of an automated attack on your server. When an attempted compromise is located, using the defined parameters, Fail2ban will add a new rule to iptables to block the IP address of the attacker, either for a set amount of time or permanently. Fail2ban can also alert you through email that an attack is occurring.

Installation

Sampel installation on Ubuntu instance
https://www.linode.com/docs/security/using-fail2ban-for-security/

apt-get update && apt-get upgrade -y
apt-get install fail2ban

optional

apt-get install sendmail

Fail2ban Configuration

Sampel configuration for /etc/fail2ban/jail.local

backend = systemd

[sshd]
enabled = true
port = 2269
filter = sshd
logpath = /var/log/auth.log
maxretry = 6

Introduction

phpList is Open Source newsletter and email marketing software.

Official download site

https://www.phplist.org/download-phplist

Current latest version

https://sourceforge.net/projects/phplist/files/latest/download
https://github.com/phpList/phplist3

Installation

https://www.phplist.org/manual/books/phplist-manual/page/installing-phplist-manually#bkmrk-download-phplist

wget -q -O phplist.zip https://sourceforge.net/projects/phplist/files/latest/download
unzip -qq phplist.zip
mv phplist-*/ webapps/phplist.your-domain.com

Sample Nginx directives

server {
            listen 80;
            server_name example.com;

            root /var/www/phplist/public_html/lists;
            index index.php;

            access_log <<log file>>;
            error_log <<log file>>;

            charset utf-8;

            location ~* \.(txt|log|inc)$ {
                allow 127.0.0.1;
                deny all;
            }

            location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
              expires max;
              log_not_found off;
           }

            #block phplist config directory
            location /config {
                deny all;
            }

            #per the phplist .htaccess these are the only public allowed php files
            location ~* (index\.php|upload\.php|connector\.php|dl\.php|ut\.php|lt\.php|download\.php)$ {
                   fastcgi_split_path_info ^(.|\.php)(/.+)$;

                   include /etc/nginx/fastcgi_params.conf; #standar fastcgi config file
                   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                   fastcgi_intercept_errors on;
                   fastcgi_pass 127.0.0.1:9000;
            }


            #block all other php file access from public
            location ~ \.php$ {
               deny all;
            }

}

W: GPG error: http://ftp.osuosl.org/pub/mariadb/repo/10.4/ubuntu bionic InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F1656F24C74CD1D8

E: The repository 'http://ftp.osuosl.org/pub/mariadb/repo/10.4/ubuntu bionic InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
Error: Failure running 'apt-get update -y', exiting.

MariaDB (MySQL) database credentials missing from report text

variable is not exported right

Currently LEMPer CLI doesn't yet support local domain configuration, for example using domain name with .local / .app extension for local development purpose. So, we can access our local development stack at http://some-aplication.local or http://some-aplication.app.

But, due to the fact that LEMPer also doesn't yet include DNS server. It'd require another approach.

Limit the amount of disk space a user or group can use on a filesystem. Without such limits, a user could fill up the machine’s disk and cause problems for other users and services.

apt-get update
apt-get install quota

## Install kernel quota modules.

if find /lib/modules/$(uname -r) -type f -name '*quota_v*.ko*' > /dev/null 2>&1; then
    echo "Kernel quota modules already exists";
else
    echo "Kernel quota modules not found. Installing...";
    apt-get install linux-image-extra-virtual
fi

Add usrquota,grpquota to fstab

nano /etc/fstab

something like this

UUID=a8254f0f-c87f-4299-88ee-7e9aea768cbe / ext4 errors=remount-ro,usrquota,grpquota 0 1

sudo mount -o remount /

Verify

cat /proc/mounts | grep 'quota,usrquota,grpquota'

Enabling quota

quotacheck -ugm /
sudo quotaon -v /

Set user quota

setquota OPTIONS <user|group|project> -a|
setquota -u lemper 200M 220M 0 0 /

Generate quota reports

repquota -s /

References

• Set Filesystem Quotas on Debian
• Set Filesystem Quotas on Ubuntu

xargs: unmatched double quote; by default quotes are special to xargs unless you use the -0 option
/dev/fd/63: line 29: unexpected EOF while looking for matching `"'
/dev/fd/63: line 110: syntax error: unexpected end of file

The basic support for Ubuntu 14.04 LTS has ended on 25. April 2019. This means that this version is not supported yet. It would be recommended to remove Ubuntu 14.04 support from LEMPer.

Install process exited with message

Error: Failure running 'service nginx start', exiting.

from journalctl -xe command gave

# journalctl -xe
-- Unit resolvconf-pull-resolved.service has begun starting up.
Aug 17 16:46:09 ucsg1.eslabs.id systemd[1]: Started resolvconf-pull-resolved.service.
-- Subject: Unit resolvconf-pull-resolved.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit resolvconf-pull-resolved.service has finished starting up.
-- 
-- The start-up result is RESULT.
Aug 17 16:46:28 ucsg1.eslabs.id systemd[1]: Starting A high performance web server and a reverse proxy server installed using LEMPer...
-- Subject: Unit nginx.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
-- 
-- Unit nginx.service has begun starting up.
Aug 17 16:46:28 ucsg1.eslabs.id nginx[9196]: nginx: [emerg] invalid value "http_502" in /etc/nginx/fastcgi_cache:6
Aug 17 16:46:28 ucsg1.eslabs.id nginx[9196]: nginx: configuration file /etc/nginx/nginx.conf test failed
Aug 17 16:46:28 ucsg1.eslabs.id systemd[1]: nginx.service: Control process exited, code=exited status=1
Aug 17 16:46:28 ucsg1.eslabs.id sudo[2220]: pam_unix(sudo:session): session closed for user root
Aug 17 16:46:28 ucsg1.eslabs.id systemd[1]: nginx.service: Failed with result 'exit-code'.
Aug 17 16:46:28 ucsg1.eslabs.id systemd[1]: Failed to start A high performance web server and a reverse proxy server installed using LEMPer.

it seems a configuration error from the latest commit for /etc/nginx/fastcgi_cache config.

Remove "masedi" from socket names and folders in nginx configs

Currently logged access & error to default Nginx log under /var/log/nginx, access & error log should be separated per user own the virtual host (site).

Need to configure server timezone and PHP ini timezone by default.

Nginx configuration error after enabling HTTPS

Reloading NGiNX configuration...
Error: Configuration couldn't be validated. Please correct the error below:

For usage information, run this script with --help

Mautic uses dynamic .gif files for tracking.
The mautic config includes a config file for static content. Removing the gif extension inside that config file fixes tracking.

An warning occured when using tempnam() function

Warning: tempnam() [function.tempnam]: open_basedir restriction in effect. File(/tmp) is not within the allowed path(s):

Possible fix

Set PHP ini sys_temp_dir to the user's temp dir, add from php-fpm pool config.

php_admin_value[sys_temp_dir] = /home/lemper/.tmp

# nginx -t
nginx: [emerg] "pagespeed" directive "GlobalStatisticsPath" cannot be set at this scope. in /etc/nginx/includes/mod_pagespeed.conf:12
nginx: configuration file /etc/nginx/nginx.conf test failed

# nginx -t
nginx: [emerg] "pagespeed" directive "GlobalAdminPath" cannot be set at this scope. in /etc/nginx/includes/mod_pagespeed.conf:16
nginx: configuration file /etc/nginx/nginx.conf test failed

Ref: apache/incubator-pagespeed-ngx#1024 (comment)

$ sudo lemper-cli manage --remove eslabs.id
Removing virtual host is not reversible.
Press [Enter] to continue...

Virtual host configuration file removed.

Do you want to delete website root directory? [y/n]: DELETE_DIR

DELETE_DIR is read variable which shouldn't be printed out

LEMPer return internal IP address on AWS Lightsail instance. It should return external / public IP address. Due to AWS network architecture, each Lightsail instance will return internal IP address which is different to its public IP.

This is not an issue. Shout whenever you ready to kick off with the development - I'd like to help. Not that clued up, but I am in need of something like this.

TODO:

1. Enhancement for Postfix installer and create default optimized-configuration
2. Add Dovecot installation and create default optimized-configuration

Current script is here:
scripts/install_mailer.sh

Memcached Nginx Module available here
https://github.com/openresty/memc-nginx-module

Introduction

Roundcube is a web-based IMAP email client. Roundcube's most prominent feature is the pervasive use of Ajax technology.

Official download site

https://roundcube.net/download/

Current latest version

https://github.com/roundcube/roundcubemail/releases

Installation

https://wiki.archlinux.org/index.php/Roundcube#Webserver_(Nginx)
https://www.linuxbabe.com/mail-server/install-roundcube-webmail-ubuntu-16-04-nginx-mariadb-php7

Sample Nginx directive

  location / {
    try_files $uri $uri/ /index.php;
  }

  location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
    deny all;
  }
  location ~ ^/(bin|SQL)/ {
    deny all;
  }

  location ~ \.php$ {
   try_files $uri =404;
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    include fastcgi_params;
  }

  location ~ /.well-known/acme-challenge {
    allow all;
  }

An 500 internal server error produced when uploading file, error from the log show:

2019/09/24 23:03:03 [error] 28295#28295: *348 FastCGI sent in stderr: "PHP message: PHP Warning: Unknown: open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (/home/lemper) in Unknown on line 0PHP message: PHP Warning: File upload error - unable to create a temporary file in Unknown on line 0" while reading response header from upstream, client: 36.90.208.58, server: lapak.store, request: "POST /wp-admin/network/update.php?action=upload-theme HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm.lemper.sock:", host: "lapak.store", referrer: "http://lapak.store/wp-admin/network/theme-install.php?browse=featured"
2019/09/24 23:10:40 [error] 29018#29018: *400 FastCGI sent in stderr: "PHP message: PHP Notice: Unknown: file created in the system's temporary directory in Unknown on line 0PHP message: PHP Warning: Unknown: open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (/home/lemper) in Unknown on line 0PHP message: PHP Warning: File upload error - unable to create a temporary file in Unknown on line 0" while reading response header from upstream, client: 36.90.208.58, server: lapak.store, request: "POST /wp-admin/network/update.php?action=upload-theme HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm.lemper.sock:", host: "lapak.store", referrer: "http://lapak.store/wp-admin/network/theme-install.php?browse=featured"

it is due to open_basedir setting

possible solutione here https://mediatemple.net/community/products/dv/204644200/how-do-i-set-the-upload_tmp_dir

1. Move /tmp directory to open_basedir directory, utilizing upload_tmp_dir
   php_admin_value[upload_tmp_dir] = /home/lemper/tmp
   add to the respective PHP FPM user pool configuration.
2. Automate /tmp directory creation during user pool created.
3. Restart php fpm service daemon

In order to complement the current used PHP repository (Ondrej), it'd be great to also support Ondrej Nginx repositrory.

Packages available here

https://launchpad.net/~ondrej/+archive/ubuntu/nginx
https://launchpad.net/~ondrej/+archive/ubuntu/nginx-mainline

Installation instructions

add-apt-repository ppa:ondrej/nginx-mainline
apt-get update

or, here

https://packages.sury.org/nginx/
https://packages.sury.org/nginx-mainline/

Installation instructions

apt-get -y install apt-transport-https lsb-release ca-certificates
wget -O /etc/apt/trusted.gpg.d/nginx.gpg https://packages.sury.org/nginx/apt.gpg
sh -c 'echo "deb https://packages.sury.org/nginx/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/nginx.list'
apt-get update

Advantages

1. Actively maintained
2. Includes several main modules

• mod-http-auth-pam
• mod-http-cache-purge
• mod-http-dav-ext
• mod-http-echo
• mod-http-fancyindex
• mod-http-geoip
• mod-http-geoip2
• mod-http-headers-more-filter
• mod-http-image-filter
• mod-http-lua
• mod-http-ndk
• mod-http-perl
• mod-http-subs-filter
• mod-http-uploadprogress
• mod-http-upstream-fair
• mod-http-xslt-filter
• mod-mail
• mod-nchan
• mod-rtmp
• mod-ssl-ct
• mod-stream

3. Reducing installation process, no compilation required.

Introduction

MyBB is the free and open source forum software powering thousands of engaging, vibrant, and unique communities across the internet.

Official download site

https://mybb.com/download/

Current latest version

https://resources.mybb.com/downloads/mybb_1821.zip
https://github.com/mybb/mybb

Installation

https://docs.mybb.com/1.8/install/

Sample Nginx directive

# Note: You are able to choose a different name in the Admin CP. If you've done that you need to change it here too
location ~ /error.log 
{ 
    deny all; 
}

# Note: You are able to rename the admin directory. If you've done that, you need to change it here too
location /admin/backups {
    deny all;
}

rewrite ^/forum-([0-9]+).html$ /forumdisplay.php?fid=$1 last;
rewrite ^/forum-([0-9]+)-page-([0-9]+).html$ /forumdisplay.php?fid=$1&page=$2 last;
rewrite ^/thread-([0-9]+).html$ /showthread.php?tid=$1 last;
rewrite ^/thread-([0-9]+)-page-([0-9]+).html$ /showthread.php?tid=$1&page=$2 last;
rewrite ^/thread-([0-9]+)-lastpost.html$ /showthread.php?tid=$1&action=lastpost last;
rewrite ^/thread-([0-9]+)-nextnewest.html$ /showthread.php?tid=$1&action=nextnewest last;
rewrite ^/thread-([0-9]+)-nextoldest.html$ /showthread.php?tid=$1&action=nextoldest last;
rewrite ^/thread-([0-9]+)-newpost.html$ /showthread.php?tid=$1&action=newpost last;
rewrite ^/thread-([0-9]+)-post-([0-9]+).html$ /showthread.php?tid=$1&pid=$2 last;
rewrite ^/post-([0-9]+).html$ /showthread.php?pid=$1 last;
rewrite ^/announcement-([0-9]+).html$ /announcements.php?aid=$1 last;
rewrite ^/user-([0-9]+).html$ /member.php?action=profile&uid=$1 last;
rewrite ^/calendar-([0-9]+).html$ /calendar.php?calendar=$1 last;
rewrite ^/calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+).html$ /calendar.php?calendar=$1&year=$2&month=$3 last;
rewrite ^/calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)-day-([0-9]+).html$ /calendar.php?action=dayview&calendar=$1&year=$2&month=$3&day=$4 last;
rewrite ^/calendar-([0-9]+)-week-(n?[0-9]+).html$ /calendar.php?action=weekview&calendar=$1&week=$2 last;
rewrite ^/event-([0-9]+).html$ /calendar.php?action=event&eid=$1 last;

***Introduction

Nextcloud is a suite of client-server software for creating and using file hosting services. Nextcloud application functionally is similar to Dropbox. Unlike Dropbox, Nextcloud does not offer off-premises file storage hosting.

“the most popular self-hosted collaboration solution for tens of millions of users at thousands of organizations across the globe"

***Official download site

https://nextcloud.com/install/#instructions-server

Current latest version
https://download.nextcloud.com/server/releases/nextcloud-16.0.4.zip

***Configuration

https://docs.nextcloud.com/server/15/admin_manual/installation/nginx.html

Nginx directive

location = /.well-known/carddav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }
    location = /.well-known/caldav {
      return 301 $scheme://$host:$server_port/remote.php/dav;
    }

    location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
        fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param HTTPS on;
        # Avoid sending the security headers twice
        fastcgi_param modHeadersAvailable true;
        # Enable pretty urls
        fastcgi_param front_controller_active true;
        fastcgi_pass php-handler;
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;
    }

    location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
        try_files $uri/ =404;
        index index.php;
    }

    # Adding the cache control header for js, css and map files
    # Make sure it is BELOW the PHP block
    location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
        try_files $uri /index.php$request_uri;
        add_header Cache-Control "public, max-age=15778463";
        # Add headers to serve security related headers (It is intended to
        # have those duplicated to the ones above)
        # Before enabling Strict-Transport-Security headers please read into
        # this topic first.
        #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
        #
        # WARNING: Only add the preload option once you read about
        # the consequences in https://hstspreload.org/. This option
        # will add the domain to a hardcoded list that is shipped
        # in all major browsers and getting removed from this list
        # could take several months.
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Robots-Tag none;
        add_header X-Download-Options noopen;
        add_header X-Permitted-Cross-Domain-Policies none;
        add_header Referrer-Policy no-referrer;

        # Optional: Don't log access to assets
        access_log off;
    }

    location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {
        try_files $uri /index.php$request_uri;
        # Optional: Don't log access to other assets
        access_log off;
    }

Nginx error occured when running multiple domain, it seems configuration issue

$ sudo nginx -t
nginx: [emerg] duplicate listen options for [::]:80 in /etc/nginx/sites-enabled/wc.test.conf:3
nginx: configuration file /etc/nginx/nginx.conf test failed

=== Introduction

Open Journal Systems (OJS) is a journal management and publishing system that has been developed by the Public Knowledge Project through its federally funded efforts to expand and improve access to research.

“Scholars need the means to launch a new generation of journals committed to open access, and to help existing journals that elect to make the transition to open access…”
Budapest Open Access Initiative, 2002

=== Official download site

https://pkp.sfu.ca/ojs/ojs_download/

Current latest version
http://pkp.sfu.ca/ojs/download/ojs-3.1.2-1.tar.gz

=== Configuration

Nginx directive

location / {
     try_files $uri $uri/ /index.php?$query_string;
 }

1. Current version 1.2.0 requires webroot parameter for defining user running virtual host.

Proposed suggestion:

Make the username parameter as optional, set default user to Lemper account, when username is not set, then use default username.

2. Current version 1.2.0 requires webroot parameter for defining web root directory, and aborting when it is not set.

Proposed suggestion:

Make the webroot parameter as optional, set default web root to /home/lemper/webapps/{domain_name} directory, when webroot is not set, then use default webroot.

ClamAV® is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats.

Installation instruction:
https://www.clamav.net/documents/installation-on-debian-and-ubuntu-linux-distributions

Downloads page:
https://www.clamav.net/downloads

The default file for new vhosts has a .html extension but the nginx config does not load index.html file as index.
renaming index.html to index.php works obviously

Introduction

Rainloop is a popular free Open Source Web Application primarily written in PHP. It offers users a swift and contemporary web interface for accessing emails on a majority of commonly used domain mail providers such as Outlook, Yahoo, and Gmail, in addition to local mail servers.

Official download site

https://www.rainloop.net/downloads/

Current latest version

https://github.com/RainLoop/rainloop-webmail/releases
https://www.rainloop.net/repository/webmail/rainloop-community-latest.zip

Installation

https://www.rainloop.net/docs/installation/

curl -sL https://repository.rainloop.net/installer.php | php
or
wget -qO- https://repository.rainloop.net/installer.php | php

Sample Nginx directive

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        fastcgi_index index.php;
        fastcgi_split_path_info ^(.+\.php)(.*)$;
        fastcgi_keep_conn on;
        include /etc/nginx/fastcgi_params;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }

    location ~ /\.ht {
        deny all;
    }

    location ^~ /data {
      deny all;
    }

When creating new vhost for Wordpress multi site, its required to have wildcard host available on server_name directive.

Currently Lemper CLI doesn't create wildcard host automatically for Wordpress multi site if created without --wildcard-domain argument. We should make it automatically, due to multi site requirement.

Let's Encrypt is a free, automated, and open certificate authority brought to you by the non-profit Internet Security Research Group (ISRG). The certificate is valid for 90 days, during which renewal can take place at any time.